In today’s world, where businesses large and small are heavily affected by cyber attacks and data breaches, spending on cybersecurity has skyrocketed. Enterprises are spending millions of dollars to safeguard their cyber defenses. And when we talk about cyber security and information security, Georgia Weidman is one of the few prominent names in the industry that comes to mind.
Georgia Weidman is an Ethical Hacker, Penetration Tester, CEO of Shevirah Inc / Bulb Security LLC and author of the book “Penetration Testing: A Hands-on Introduction to Hacking.”
Here’s an exclusive interview with Georgia Weidman by our team at Ivacy, in which we asked her some questions about herself and cyber security in general:
Q1- Hi Georgia, we are super glad to have you and are totally impressed by how much you’ve achieved in such a short span of time. What brought you to the infosec industry? How did you start your journey as an Ethical Hacker?
I went to college early, at 14 instead of the usual 18. And I took a math degree because I didn’t want to be a computer scientist. My mother was one and what teenager wants to be like their parents?
But then I couldn’t really find a job at 18 with just a bachelor’s degree and no work experience. I was asked to do a master’s degree in computer science, and they were going to give me money! That was better than having to live with my parents.
So I entered the Masters program and the university had a cyber defense club. The captain of the cyber defense club seemed really interesting and I wanted to learn more about him. So, knowing nothing about cybersecurity, I joined the cyber defense club and we competed in the Mid-Atlantic Cyber Defense Competition. Well, I learned that cybersecurity was more interesting than the guy, but I also found what I wanted to do with my life.
Q2- What was your inspiration & motivation behind writing your Book “Penetration Testing”?
I wanted to write the book that I wished I had when I was starting out in infosec. When I first started and was trying to learn, so much of what was available in the way of tutorials assumed so much prior knowledge that I was doing the technical equivalent of looking up all the words in the dictionary, and then looking up those words in the children’s dictionary, just to get an idea of how things worked, much less why they worked.
When asking for help, I got a lot of “Get off n00b,” or “Try Harder!” rather than explanations. I wanted to make it easier for those who came after me and fill in that gap with my book.
Q3- As interesting as the name is, tell us about your company Bulb Security and how it all started?
I actually have two companies, Shevirah Inc. and Bulb Security LLC. I started Bulb when I received a DARPA Cyber Fast Track grant to build the Smartphone Pentest Framework and subsequently was reprimanded for having the audacity to apply for the grant independently.
In addition to the research projects, I also built a consulting business of penetration testing, training, reverse engineering, even patent analysis at this point. In my copious spare time, I’m also a professor at the University of Maryland University College and Tulane University.
I started Shevirah when I joined the Mach37 startup accelerator to productize my work in mobile and the Internet of Things penetration testing, phishing simulation, and preventative control validation to expand my reach from helping other researchers to helping enterprises get a better understanding of their mobile and IoT security posture and how to improve it.
Q4- Well, tell us about the single most exciting time when you really felt proud of your job as a Penetration Tester.
Every time I get in, particularly in a new way, has the same rush as the first time. What also makes me proud is having repeat customers who not only fixed everything we found the first time, but have also continued to raise their security posture as new vulnerabilities and attacks became known in the time between tests.
To see a customer not only just patch what I used to get in, but also build a more mature security posture for the enterprise as a whole, means I’ve made much more of an impact than just showing them I can get domain admin with LLMNR poisoning or EternalBlue.
Q5- For those who want to start their journey in the field of Ethical Hacking & Penetration Testing, what suggestions or career advice would you like to give? It can be any online course suggestions, certificates, or an educational degree, for that matter.
I’d recommend my book, Penetration Testing: A Hands-On Introduction to Hacking, of course. I’d also suggest getting involved in local hacker meetings or conferences such as a local DEF CON group chapter or Security BSides. That’s a great way to meet potential mentors and connections in the industry. I’d also suggest doing a research project or class.
This is the competition that got me into #infosec in the first place. There are competitions in regions all over the country as well as a nationals for the regional winners. A good place to put your outreach dollars and volunteer hours. https://t.co/TcNLC7r8tV
— Georgia Weidman (@georgiaweidman) February 28, 2019
So many people think security research is dark magic that requires arcane skills about the inner workings of the bootloader, but, in most cases, that is not the case. Even if you are just starting out, everyone has a skill set that would be helpful to others in the field that they can share. Maybe you are great at formatting in Word or have years of experience as a Linux system admin?
Q6- Would you like to suggest some security software, add-ons, extensions, etc. to our audience who are concerned about their online privacy & security? Are there any foolproof methods for maximum online protection?
Given that part of my business is validating the effectiveness of preventative solutions, I’m sure you’ll understand that I have to remain vendor agnostic in interviews. It is important to note that there is no such thing as foolproof security. In fact, I strongly believe that preventative security vendors’ marketing strategy of, “If you install our software (or put our box on your network), you won’t have to worry about security anymore,” is the root cause of many of the high profile breaches we see today.
Enterprises, having been informed by these so-called expert vendors, throw a lot of money at the security problem but overlook things like patching and phishing awareness because their vendors said they had it all covered. And, as we see time and time again, no preventative solution will stop everything.
Q7- From a hacker’s standpoint, how difficult does it become to hack someone if they have a VPN running on their smart device? How effective are VPNs? Do you use any?
Like most attacks these days, most mobile attacks involve some sort of social engineering, often as part of a larger chain of exploitation. As with the preventative products, a VPN can certainly be helpful against some attacks and certainly against eavesdropping, but, as long as mobile users are downloading malicious applications, management profiles, etc. and opening malicious links on their smart devices, a VPN can only go so far.
I would encourage users to use VPNs, particularly on public networks, as well as other security products of course. I just would like users to continue to be vigilant about their security posture rather than relying solely on these products to protect them.
Q8- With the exponential boom of smart devices and incredible development in the field of IoT, what do you think are the potential security threats & vulnerabilities that’ll most likely tag along?
I see the threats against mobile and IoT as the same as against traditional devices, with more entry and exit points. On a Windows computer, there is the threat of remote code execution attacks, where the user need do nothing for the attack to be successful, and client-side attacks, where the user needs to open a malicious file, be it a web page, a PDF, an executable, etc. There are also social engineering attacks and local privilege escalation.
Patches are missing, passwords are easy to guess, third-party software is insecure, the list goes on. In mobile and IoT we deal with those same problems, except instead of just the wired or wireless connection we now have the mobile modem, Zigbee, Bluetooth, Near Field Communication, just to name a few, as potential attack vectors as well as avenues to bypass any data loss prevention deployed. If confidential data is being siphoned from the database by a compromised mobile device and then sent to the cellular network via SMS, all the preventative technology in the world at the network perimeter won’t catch it. Likewise, we have more ways than ever that users can be socially engineered.
Instead of just email and a phone call, now we have SMS, social media such as WhatsApp and Twitter, QR codes, and so on; the list of the myriad ways a user might be targeted to open or download something malicious goes on and on.
Q9- Are there any security conferences you are looking forward to? If yes, then what are they?
I also like to see new places and meet new people. So I’m always up for traveling to foreign lands to do conferences. This year I’ve been invited to keynote RastacCon! in Jamaica. Last year I had a wonderful time visiting Salvador, Brazil, keynoting one of the Roadsec conferences. Also this year I am keynoting Carbon Black Connect, which is a good venue for me as I am working to become as well known in the business world as I am in the infosec world. Despite being in hot and crowded Las Vegas, infosec summer camp (Blackhat, Defcon, BSidesLV, plus assorted other events at the same time) is a great way to catch up with a lot of people from the industry and see what they have been up to.
Q10- What are your future plans? Will you be writing another book? Founding another company? Scaling the existing one? What is Georgia Weidman looking to accomplish further in her life?
I am currently finishing up the 2nd Edition of Penetration Testing: A Hands-On Introduction to Hacking. I definitely would like to write additional beginner-friendly technical books in the future. Though I’ve only done a couple of angel investments so far, I hope to be able to invest in and mentor other startup founders in the future, particularly technical founders like me, and do more to support women and minorities in infosec.
I’ve learned a lot from doing a startup, but I’m also one of that rare breed that really just wants to do security research. Post-startup I imagine myself just doing security research full time for a while. Completely not tech related, but if you follow me on social media, you might have noticed that I compete in equestrian events, so this year my horse Tempo and I hope to win Virginia Horse Show Association finals. Longer term, I’d like to devote more time and resources to matching rescue horses with deserving owners and saving sea turtles.
“You cannot fix security with preventative products alone. Testing is a necessary and often-overlooked part of security. How will a real attacker break into your organization? Will they be able to bypass your preventative solution? (Hint: yes.)” – Georgia Weidman